Menu
.svg)
.svg)
.svg)
Tekion Corp. © 2026. All rights reserved.
Menu
Tekion Corp. © 2026. All rights reserved.
Back to Trust Portal
Security
At Tekion, security isn't an afterthought-it's the foundation of everything we build. Your data, systems, and operations are protected from unauthorized access, threats, and disruption at every level. We’ve engineered security into every layer of our infrastructure, networks, and applications from day one.
.png)
Data Storage Site Security
Your data is stored in secured facilities with layered access controls, including:
Physical access to the data centers is limited to authorized personnel, verified through biometric authentication.
On-site security includes guards, closed-circuit video monitoring, man traps, and additional intrusion protection measures.
.png)
Network Security
Your data travels across networks protected from unauthorized access‚-both internally and externally, by:
Running regular external and internal vulnerability scans and notifying relevant parties of any findings.
Maintaining perimeter defenses such as firewalls and data loss prevention solutions.
Monitoring network activity through security information event management (SIEM) to identify detect anomalous behavior and threats in real time.
Enforcing network access controls to ensure only authenticated and authorized devices and users can connect to internal network resources.
.png)
Platform Security
Every server, workstation, and cloud environment hosting your data is protected against both known and emerging threats, by:
Deploying and maintaining up-to-date anti-virus and anti-malware protection across all operating systems.
Keeping operating systems securely configured and regularly updated to address known vulnerabilities.
.png)
Data Confidentiality
Your data stays confidential wherever it is stored, transmitted, or processed, through:
Encrypting data to block unauthorized interception or access.
Securely disposing of the data in line with defined retention policies.
Strictly controlling who can view or handle confidential data, with access limited to authorized personnel.
.png)
Data Access
Only authorized Tekion personnel can access your data through controlled and audited means, by:
Requiring unique usernames, passwords, and multi-factor authentication for remote access to systems hosting your data.
Enforcing least privilege principles - ensuring access is granted only when authorized and revoked when no longer needed.
Maintaining segregation of duties and reviewing access permissions regularly.
.png)
Data Processing
Every time your data is processed by Tekion, these security practices apply:
Enforcing data handling policies and running regular security awareness training so every employee understands their responsibilities.
Training developers in secure coding techniques and keeping them current as threats and best practices evolve.
Conducting periodic reviews of data processing activities to ensure ongoing compliance with security policies and applicable regulations.
.png)
Third-Party Security Procedures
Every third party that accesses your data is assessed and held to Tekion’s security standards, through:
Vetting third-party with access to personal data, requiring confidentiality agreements before access is granted, and communicating data handling policies to all relevant staff.
Reviewing sub-processors and third parties to confirm they meet the security controls required by Tekion's information security policies.
.png)
Incident Management Procedure
Tekion’s incident management process is built to detect, contain, and recover from incidents in a timely manner, through:
Following a structured response process covering detection, containment, eradication, recovery, and post-incident review to minimize the impact of any data compromise.
Notifying affected individuals and relevant parties of any incident within legally required timeframes.
Regularly testing and updating breach response procedures to ensure they remain effective and aligned with evolving regulatory requirements and industry standards.
.png)
Availability and continuity
Keeping your service online and recoverable is a top priority and the measures taken to ensure this include:
Maintaining multiple geographically diverse data centers to reduce the risk of service disruption and ensure resilience against localized failures.
Running disaster recovery and business continuity programs that are tested and reviewed regularly to stay effective and reliable.
Monitoring system performance and availability continuously to identify and resolve potential issues before they affect service delivery.
For more information on our service levels, please see <a href="https://cloud.tekion.ai/legal/tekion-service-level-agreement">Our Service Level Agreement</a>.
Security Built Upon a<xs> Strong Foundation
As an end-to-end AI-native, cloud platform, Tekion leverages the state-of-the-art security provided by Azure and AWS-so your data is protected by world-class security foundations.
Learn how Azure and AWS protect your data at the infrastructure level.
Microsoft Azure
Amazon AWS
Tekion has formal policies and procedures addressing how we develop, implement, maintain, and improve our robust information security program. We also have several internal policies governing how our employees and contractors access, store, and secure customer data. These policies follow a similar format, have dedicated owners, and committed review periods. The policies cover a variety of topics ranging from securing our employees’ assets to responding to security incidents.
Access to your data is generally limited to the following recipients: (1) our employees and contractors who require access to develop our products and services and to provide you with customer support (including employees of Tekion entities); (2) third-parties that you authorize us to share data with (e.g., third-party integrations that you use in your business); (3) third-party partners, including our <a href="https://go.tekion.com/subprocessors">sub-processors</a>, that we use to develop and support our products and services (e.g., our cloud service providers and OEMs). In some limited circumstances, we may also need to share your data with third-parties for legal purposes (e.g., in connection with a legal action or for tax purposes). However, in all instances, we share only the data that is necessary to fulfill the above purposes. For more information about how we use and share data, please see our <a href="/legal/privacy-policy">privacy policy</a>.<xs><xs>Additionally, our products have audit trails to give customers visibility over access to their data in Tekion’s systems, including their employees and third-party vendors. Please contact your solutions specialist for more information on obtaining this information.
Yes – please contact <a href="mailto:privacy@tekion.com">privacy@tekion.com</a> for more information.
Yes. Multi-factor authentication (MFA) is one of several tools that we use to secure data in our products and our internal systems. Authorized Tekion employees and contractors may only access Tekion systems and databases holding customer data through MFA. On the product side, MFA is enabled by default.
Yes, Tekion has a vulnerability management program. We also regularly conduct vulnerability assessment and penetration testing (VA/PT) as well. While we do not have a formal bug bounty program, we promptly investigate any reported security flaws and risks and address them as quickly as possible. To report a potential security risk, please contact <a href="mailto:security@tekion.com">security@tekion.com</a>.
Yes, Please <a href="/legal/tekion-service-level-agreement">click here</a> for the Service Level Availability Policy (SLA) and it has been posted on our website (Tekion Home page >> Legal >> Tekion® ARC Service Level Agreement)
In the event of a confirmed security incident affecting your data, Tekion will:
<xs><xs>
1. Notify you promptly via email to your designated contacts, within any timeframes required by applicable law
<xs><xs>
2. Provide incident details including what happened, what data was affected, potential harm, and remediation steps taken
<xs><xs>3. Support your notification obligations by providing information you need to notify your customers, if required
<xs><xs>
To ensure timely notification, please keep your contact information current in our system. For details, see our <a href="/legal/dpa">Data Processing Addendum</a>.
Ready When You Are
Automotive
Retail Cloud
Automotive
Enterprise Cloud
Automotive
Partner Cloud
Follow us
Automotive
Retail Cloud
Dealer Management System
Digital Service Experience
Parts Management
CRM
Advanced Analytics
Tekion Pay
Virtual to Visit
Payroll
Automotive
Enterprise Cloud
Unified Retail Experience
Vehicle Configurator
Analytics & Reporting
Real-time Purchasing Tools
Financing & Add-on
Digital Shopping tools
Automotive
Partner Cloud
Partners Overview
Find a Partner
Become a Partner
Partner Portal
Business
Solutions
Automotive OEMs
Enterprise Dealer Groups
Auto Dealerships
Specialty Vehicle Dealers
Sales Teams
Service Departments
IT Departments
Auto Technology Partners
.svg)